Replace @timestamp with timestamp in my message - logstash

manasapp · January 28, 2019, 2:46pm

hi pjanzen,

This is my conf file

input {
            file{
        	path => "E:\softwares\logstash-6.5.4\bin\PA_FW_Traffic-2018-09-10.txt"
          start_position => beginning
         }
         }
        filter{
        mutate { 
        	remove_field => ["facility_label","facility","@version","priority","tags","host","timestamp","severity_label","severity","logsource"]
        	split => { "message" => "," }
         }
        grok {
            match => { "message" => ["^{timestamp}"] }
        	}

         date {
        		match => [ "timestamp", "yyyy-MM-dd :HH:mm:ss ZZZ" ]
        		target => "@timestamp"
        	}
         }
        output {
            stdout {}
            file {
                path => "E:/testmessage.txt"
         codec => line { format => ["%{@timestamp},%{message}"] } 	
        	}
        }

Topic		Replies	Views
Can't replace real log time with @timestamp Logstash	6	1038	August 8, 2019
Replacing @timestamp with timestamp of my log Logstash	18	12806	January 5, 2017
Replacing @timestamp in logstash using grok fails [Solved] Logstash	7	3821	June 28, 2017
Grok filter to Replace @timestamp with my log-time Logstash	13	14347	December 12, 2017
Can i replace logstash timestamp with timestamp of my logfile? Logstash	17	40334	July 6, 2017

Replace @timestamp with timestamp in my message - logstash

Related topics